Find Bug in your website

maulik shah shahmaulik120 at
Sun Sep 29 13:53:43 EDT 2013

one another bug

Internal server error

Url :-

HTTP request
GET /~seanegan/ HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET
CLR 1.1.4322; Netsparker)
X-Scanner: Netsparker
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate

Response :-
HTTP/1.1 500 Internal Server Error
Date: Sun, 29 Sep 2013 17:11:46 GMT
X-Powered-By: PHP/5.4.4-14+deb7u4
Content-type: text/html
Server: lighttpd
Content-Length: 0

On Sun, Sep 29, 2013 at 11:17 PM, Mark Doliner <mark at> wrote:

> Hi Maulik. Thanks for reporting this to us. You're right, we should be
> forcing https here but we're not. We'll try to fix this soon. In the
> mean time, this problem isn't too terrible because there isn't a huge
> amount of harm that can be done with a user's mailing list password.
> Probably the worst aspect of this is that many users will use the same
> password here as for other things, like their bank or email account.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the security mailing list